Tor Helps Iranians Get Back Online
Iranian Internet users experienced a drastic blackout over the weekend as the government blocked encrypted Internet traffic. Tor, an anonymity and circumvention tool that offersa network run by volunteers, reported that on Friday, the number of Tor users in Iran—usually around 50,000—dropped to nearly zero. After a concerted effort by Tor to mask encrypted traffic, however, most of these users are back online.
Tor project members immediately began implementing a new obfuscated bridge called an obfsproxy that makes encrypted traffic appear to be regular traffic. Using this obfsproxy, SSL and TLS data act as if they are data sent using a regular, unsuspicious protocol such as the Extensible Messaging and Presence Protocol used for instant messaging. Said Executive Director Andrew Lewman, "We've been working mostly flat out for the past few days to help the people of Iran and it's nice to see that we are having an impact."
Not only has Iran banned politically and socially sensitive websites, but it has also specifically targeted Tor. According to the Tor blog, the Iranian government has taken three particular measures to increase censorship, including deep packet inspection of SSL traffic, selective blocking of IP Address and TCP port combinations, and some keyword filtering. The measures are extremely specific: "[Iran's government has] partially blocked access to Tor's website, torproject.org, via IP address (such as 86.59.30.36) and port 443 (which is the HTTPS port). The third level of blocking is by keywords, such as searching for the word 'tor' via regular, non-encrypted search engine websites."
This is not the first time Tor has faced a direct ban in Iran. Tor has become popular in Iran for its ability to anonymize web browsing and allow people in the country to access banned websites. Its increased use in the country led to a block of all Tor traffic last September. Iran added a filter route that could detect Internet traffic from Tor. On the same day, however, Tor quickly put in place bridges and relays in its network to circumvent the filter.
The crackdown on encrypted traffic is part of a larger government effort to tighten control over online information. Major foreign websites were blocked last week in the lead-up to the 1979 Islamic Revolution. On Monday, Google told Bloomberg that some of their most popular services, including Gmail, Youtube, and Google Video, are all blocked in Iran.